I'm having trouble getting my system to recognize a valid SSL certificate. You can see from the image that the certificate is installed and valid, but my browser does not trust it for some reason. I know I dealt with this a couple years ago when I went through the cert process, but I can't remember what I need to do to resolve this. Any help?
Can you upload the certificate here so we can look at it?
Looking at the URL you're accessing the Ignition Gateway at I'm skeptical that it's listed in the certificate.
Thanks, @Kevin.Herron. Forgive my ignorance, but I installed the certificate a year and a half ago, and can't remember how to go about retrieving it so I can post it here. Can you please point me in the right direction?
Does your computer trust the CA (nwasco-SRV-CERT-CA)? I'd check the not-secure icon in the browser and my guess is that your computer doesn't trust the root CA, so inherently it won't trust the certificate either. If the CA root certificate is pushed out to you through group policy on the domain server (assuming this is Windows), make sure your system is getting it (may have to reach out to IT if they manage it).
You should be able to just pull it out of the browser. You should also be able to click around somewhere to find out more about what it doesn't like about this certificate.
I think Michael is on to something here. I didn't notice at first that your certificate is signed by an internal CA and not a public CA, so this is also worth looking into.
Ok, I think you guys are on to something here. Thanks for your help. I'll probably just get new certificates from a public CA.
You can only do this for a server accessible at a public address; the one in your screenshot appears to be internal.
Ok, it sounds like the issue is that my computer doesn't trust the root CA. But I have no idea what to do about that.
It sounds like you need to work with your IT department. They would have been in the loop to issue this certificate in the first place.
Got it, thanks.
I'm using a Mac. All I had to do was export the certificate from my browser, import it into my System Keychain, and trust it. Thanks to everyone for pointing me in the right direction.